The Cyber Resilience Act (CRA) is redefining what it means to supply connected industrial products in the EU. Under CRA, connectivity is no longer just a functional component. It becomes a regulated part of the product that must support long‑term security, updates, documentation, and compliance evidence.
To meet these requirements, the Anybus Communicator has been updated to be CRA‑ready. Developed using IEC 62443‑certified secure product development processes, both hardware and software have been enhanced to support long‑term security and lifecycle requirements. This enables device makers, machine builders, system integrators, and factory owners to rely on a ready‑made connectivity solution that simplifies regulatory compliance and helps them meet growing customer and purchasing requirements.
Two key hardware updates have been introduced to strengthen security and lifecycle robustness:
Together, the real‑time clock with backup power and the security chip provide a stronger hardware foundation for secure operation and long‑term lifecycle support under CRA.
In parallel with the hardware updates, several software features have been introduced to support CRA‑relevant security and access control requirements.
Secure configuration
Configuration access is protected using HTTPS, preventing man‑in‑the‑middle attacks during commissioning and maintenance. Certificates are user‑managed to support secure configuration in different environments.
Role‑based access control
Password protection is activated directly in the web user interface. Each device is delivered with a unique default Admin password, laser‑marked on the product during production and used for first‑time login.
Three standard roles are supported:
This ensures that configuration access matches operational responsibility.
Controlled updates and lifecycle protection
The Anybus Communicator supports a controlled firmware lifecycle. On CRA‑ready devices with updated hardware, safeguards are in place to prevent downgrading to firmware versions released prior to the hardware update, ensuring that CRA‑relevant security capabilities are not removed.
Protection of intellectual property
Machine builders and device makers can simplify configuration for end users and protect intellectual property by hiding Master configuration details.
By integrating these hardware and software updates, the Anybus Communicator provides CRA‑ready connectivity out of the box. This helps device makers, machine builders, system integrators, and factory operators respond to growing cybersecurity, compliance, and purchasing requirements from customers.
Manufacturers and integrators can continue to rely on the Anybus Communicator for both industrial network connectivity and cybersecurity. Units in the field remain supported, while new units are delivered with CRA‑ready hardware and software, providing a clear, non‑disruptive path to meet CRA and customer cybersecurity requirements.
HMS Networks builds and maintains connectivity, security tooling, and compliance over the product lifecycle, so you don’t have to. For many use cases, implementing an Anybus Communicator is the simplest, lowest‑effort way to meet CRA expectations while preserving uptime, performance, and market access.
To explore all Anybus Communicators and find the right fit for your needs, visit our Gateways and protocol converters page.
Learn more about the Cyber Resilience Act on our website:
